Nortel Networks Contivity Secure IP Services Gateway 4600 Manual do Utilizador descarregar pdf (Página 11)



 11



• IPSecProtocolTunnels

• PPTPProtocolTunnels

• L2TPProtocolTunnels

• L2FProtocolTunnels

• ChangePassword

2.4.1 CryptoOfficerServices

ThereisafactorydefaultloginIDandpassword,whichallowsaccesstotheCrypto

Officerrole.Thisinitialaccountistheprimaryadministrator'saccountfortheSwitch,

andguaranteesthatatleastoneaccountisabletoassumetheCryptoOfficerroleand

completelymanagetheswitchandusers.Theswitchcanalsobeconfiguredto

authenticatebasedonRSAdigitalsignatures.Anadministratoroftheswitchmayassign

permissiontoaccesstheCryptoOfficerroletoadditionalaccounts,therebycreating

additionaladministrators.EachadministratorwouldhaveaseparateIDandpassword.

Administratorsmayalwaysaccesstheswitchandauthenticatethemselvesviatheserial

port.TheymayalsoauthenticateasaUseroverasecuretunnelandthenauthenticateto

theswitchasaCryptoOfficerinordertomanagetheswitch.Anadministratorcanalso

configuretheswitchtoallowordisallowmanagementviaaprivateLANinterface,

withoutusingasecuretunnel.InitiallythedefaultconfigurationallowsHTTP

managementontheprivateLANinterfaceoftheSwitchwithoutrequiringasecure

tunnel.



Atthehighestlevel,CryptoOfficerservicesincludethefollowing:



• ConfiguretheSwitch:todefinenetworkinterfacesandsettings,setthe

protocolstheswitchwillsupport,defineroutingtables,setsystemdateand

time,loadauthenticationinformation,etc.

• CreateUserGroups:todefinecommonsetsofuserpermissionssuchas

accesshours,userpriority,passwordrestrictions,protocolsallowed,filters

applied,andtypesofencryptionallowed.Administratorscancreate,editand

deleteUserGroups,whicheffectivelydefinesthepermissionsetsfora

numberofUsers.

• CreateUsers:todefineUseraccountsandassignthempermissionsusing

UserGroups.EveryUsermaybeassignedaseparateIDandpasswordfor

IPSec,PPTP,L2TP,andL2F,whichallowaccesstotheUserroles.

Additionally,anaccountmaybeassignedanAdministrationID,allowing

accesstotheCryptoOfficerrole.EachAdministratorIDisassignedrightsto

ManagetheSwitch(eithernone,viewswitch,ormanageswitch)andrightsto

ManageUsers(eithernone,viewusers,ormanageusers).

• DefineRulesandFilters:tocreatepacketFiltersthatareappliedtoUser

datastreamsoneachinterface.EachFilterconsistsofasetofRules,which

defineasetofpacketstopermitordenybasedoncharacteristicssuchas

protocolID,addresses,ports,TCPconnectionestablishment,orpacket

1 2 ... 6 7 8 9 10 11 12 13 14 15 16

Comentários a estes Manuais

Sem comentários

Nortel Networks Contivity Secure IP Services Gateway 4600 Manual do Utilizador Página 11

Comentários a estes Manuais

Manuais e produtos relacionados com Comutadores de rede Nortel Networks Contivity Secure IP Services Gateway 4600